<?php
$link = mysql_connect('localhost','cs4350','!@'); 
if (!$link) { 
    die('Could not connect to MySQL: ' . mysql_error()); 
}
else {
    echo 'You are connected to the cs4350 database server!</br>';
}
if (!mysql_select_db( 'todo', $link)) {
    die('Aw snap, no database named todo...');
}
else {
    echo 'You are now using the todo database!</br>';
}

$username = $_POST['username'];

if ($_POST['attach']){
	$Name;
	$URL;

	if (!empty($_FILES['attachName']['name'])){
		$Name = $_FILES['attachName']['name'];
		$URL = 0;
		$UploadPath = "attach/";
		$UploadPath = $UploadPath . basename($_FILES['attachName']['name']);
		
		echo $UploadPath . '<br/>';
		echo($_FILES['attachName']['tmp_name']) . '<br/>';
		if (!file_exists($UploadPath)){
			if(move_uploaded_file($_FILES['attachName']['tmp_name'], $UploadPath)) {
				echo "The file ".  basename( $_FILES['attachName']['name']). 
				" has been uploaded";
			} else{
				echo "Return Code: " . $_FILES["attachName"]["error"] . "<br />";
			}
		}
	} else {
		$Name = $_POST['attachURL'];
		$URL = true;
	}

	$sql = "INSERT INTO attach VALUES ('Auto_increment','$_POST[id]','$Name','$URL')";
	//die($sql);
	
	$attached = mysql_query($sql, $link);
	if($attached){
		header('location:view.php?user='.$username);
	} else {
		die($sql);
	}
	die();
}

$done = 0;

if ($_POST['done'] != ''){
	$done = 1;
} else{
	$done = 0;
}


$sql = 'UPDATE list SET taskName="' . $_POST['task'] . '", list.desc="' . $_POST['taskDesc'] . '", list.done="' . $done . '" WHERE taskID="' . $_POST['id'] . '"';

$updated = mysql_query($sql, $link);
//$updated2 = mysql_query($sql2, $link);

if($updated){
//	if($updated2){
		header('location:view.php?user='.$username);
//	} else {
//		die($sql);
//	}
} else {
	die($sql);
}

mysql_close($link);
?>